Moderate severityNVD Advisory· Published Jun 9, 2023· Updated Feb 13, 2025
Denial-of-Service in gRPC
CVE-2023-32732
Description
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
io.grpc:grpc-protobufMaven | >= 1.53.0, < 1.53.1 | 1.53.1 |
grpcioPyPI | >= 1.53.0, < 1.53.1 | 1.53.1 |
grpcRubyGems | >= 1.53.0, < 1.53.1 | 1.53.1 |
io.grpc:grpc-protobufMaven | >= 1.54.0, < 1.54.2 | 1.54.2 |
grpcioPyPI | >= 1.54.0, < 1.54.2 | 1.54.2 |
grpcRubyGems | >= 1.54.0, < 1.54.2 | 1.54.2 |
Affected products
72- osv-coords71 versionspkg:apk/chainguard/hivepkg:apk/chainguard/hive-compatpkg:apk/chainguard/stargatepkg:apk/chainguard/wavefront-proxypkg:apk/chainguard/wavefront-proxy-compatpkg:apk/chainguard/wavefront-proxy-configpkg:apk/chainguard/wavefront-proxy-licensespkg:apk/wolfi/wavefront-proxypkg:apk/wolfi/wavefront-proxy-compatpkg:apk/wolfi/wavefront-proxy-configpkg:apk/wolfi/wavefront-proxy-licensespkg:gem/grpcpkg:maven/io.grpc/grpc-protobufpkg:pypi/grpciopkg:rpm/opensuse/abseil-cpp&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/abseil-cpp&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/abseil-cpp&distro=openSUSE%20Leap%20Micro%205.4pkg:rpm/opensuse/grpc&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/opencensus-proto&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/protobuf&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/protobuf&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/protobuf&distro=openSUSE%20Leap%20Micro%205.4pkg:rpm/opensuse/python-abseil&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/python-grpcio&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/re2&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP4pkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP5pkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/abseil-cpp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5pkg:rpm/suse/abseil-cpp&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/grpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/grpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/grpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/grpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4pkg:rpm/suse/grpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/grpc&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/grpc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/grpc&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP4pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Installer%20Updates%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP5pkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/protobuf&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/protobuf&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/python-abseil&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP5pkg:rpm/suse/python-grpcio&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP5pkg:rpm/suse/re2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/re2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/re2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/re2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/re2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/re2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/re2&distro=SUSE%20Manager%20Proxy%204.3
< 4.0.1-r1+ 70 more
- (no CPE)range: < 4.0.1-r1
- (no CPE)range: < 4.0.1-r1
- (no CPE)range: < 1.0.78-r2
- (no CPE)range: < 13.4-r1
- (no CPE)range: < 13.4-r1
- (no CPE)range: < 13.4-r1
- (no CPE)range: < 13.4-r1
- (no CPE)range: < 13.4-r1
- (no CPE)range: < 13.4-r1
- (no CPE)range: < 13.4-r1
- (no CPE)range: < 13.4-r1
- (no CPE)range: >= 1.53.0, < 1.53.1
- (no CPE)range: >= 1.53.0, < 1.53.1
- (no CPE)range: >= 1.53.0, < 1.53.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 1.60.0-150400.8.3.2
- (no CPE)range: < 0.3.0+git.20200721-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 1.4.0-150400.9.3.1
- (no CPE)range: < 1.60.0-150400.9.3.2
- (no CPE)range: < 20240201-150400.9.3.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 20230802.1-150400.10.4.1
- (no CPE)range: < 1.60.0-150400.8.3.2
- (no CPE)range: < 1.60.0-150400.8.3.2
- (no CPE)range: < 1.60.0-150400.8.3.2
- (no CPE)range: < 1.60.0-150400.8.3.2
- (no CPE)range: < 1.60.0-150400.8.3.2
- (no CPE)range: < 1.60.0-150400.8.3.2
- (no CPE)range: < 1.60.0-150400.8.3.2
- (no CPE)range: < 1.60.0-150400.8.3.2
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 25.1-150400.9.3.1
- (no CPE)range: < 1.4.0-150400.9.3.1
- (no CPE)range: < 1.60.0-150400.9.3.2
- (no CPE)range: < 20240201-150400.9.3.1
- (no CPE)range: < 20240201-150400.9.3.1
- (no CPE)range: < 20240201-150400.9.3.1
- (no CPE)range: < 20240201-150400.9.3.1
- (no CPE)range: < 20240201-150400.9.3.1
- (no CPE)range: < 20240201-150400.9.3.1
- (no CPE)range: < 20240201-150400.9.3.1
- Google/gRPCv5Range: 1.53
Patches
Vulnerability mechanics
References
12- github.com/advisories/GHSA-9hxf-ppjv-w6rqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-32732ghsaADVISORY
- github.com/grpc/grpc/commit/29d8beee0ac2555773b2a2dda5601c74a95d6c10ghsaWEB
- github.com/grpc/grpc/commit/65a2a895afaf1d2072447b9baf246374b182a946ghsaWEB
- github.com/grpc/grpc/pull/32309ghsaWEB
- github.com/grpc/grpc/releases/tag/v1.53.1ghsaWEB
- github.com/grpc/grpc/releases/tag/v1.54.2ghsaWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/grpc/CVE-2023-32732.ymlghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/37IDNVY5AWVH7JDMM2SDTL24ZPPZJNSYghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VWE44J5FG7THHL7XVEVTNIGEYBNKJBLLghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/37IDNVY5AWVH7JDMM2SDTL24ZPPZJNSY/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VWE44J5FG7THHL7XVEVTNIGEYBNKJBLL/mitre
News mentions
0No linked articles in our index yet.